NT file permissions in ASP?

Bard · 25-04-2001 12:15pm #1

Hi,

I'll be writing an Intranet web site through ASP. The site will, on some pages, present a list of word/excel files with the names of the files being direct links to the files themselves. The client is using Office 2000 and IE, so clicking on those links will bring up the document within the IE window while preserving the IE toolbar (allowing them to click back, etc.)...

This is all very well and good, but what we want to do is check the permission settings on the files before displaying them in the list and only to display them if the currently logged on NT User account has read permissions on that file. - In other words, the list of files presented will only be those files for which the web site user has read permissions, depending on their NT logon.

THAT itself is what has me a little stumped - just as to how to
implement that - how to read in the permissions on the file based on
the NT user. I'm getting increasingly sceptical as to whether it's possible at all... We *could* just change the default "permission denied" HTML page in IIS on their server so that they get an error message that still looks like the rest of the site, but I'd rather not show the link if they don't have permissions...

Can anybody point me in the right direction?

Bard

"We do know it was we who scorched the sky..."

ConUladh · 25-04-2001 12:54pm

I reckon posting this in Programming might be a bit more appropriate,

I need to do this soon as well so I'll be interested in the replies you get,

As a resource I've been told and have found myself that http://www.planet-source-code.com is quite good for ASP

Hobbes · 25-04-2001 1:12pm

Can NT set permissions on a file by file basis? I've never seen it. I know W2K can and normally the permissions part would be handled by the operating system, not the ASP?

Could be wrong though.

WhiteWashMan · 25-04-2001 1:49pm

yes, you can set permisions at file level in ntfs

kayos · 25-04-2001 2:01pm

Hobbes is right if you get your web server I guess its IIS not to allow anon logins then nt will give you the file protection you need. here is the functions in C++ to see if you have permissions
http://msdn.microsoft.com/library/devprods/vs6/visualc/vccore/_crt__access.2c_._waccess.htm I hope this helps its not a lot to go on but I'll try help a bit more when I'm not so up the walls

kayos

Hobbes · 25-04-2001 2:24pm

<font face="Verdana, Arial" size="2">Originally posted by WhiteWashMan:
yes, you can set permisions at file level in ntfs</font>

Oh ok, I get it. If the disk is formatted to FAT it won't offer that ability. Might explain why I haven't seen it.

WhiteWashMan · 25-04-2001 8:00pm

<font face="Verdana, Arial" size="2">Originally posted by Hobbes:
Oh ok, I get it. If the disk is formatted to FAT it won't offer that ability. Might explain why I haven't seen it.

</font>

well sim, i guess we both learned something today. i didnt know you could install nt on fat

Bard · 27-04-2001 12:42pm

Can do it (and will be doing it) using the ActiveFile component... the following code giving a small example...

&lt;%

'Getting the permission settings on a file

Set File = Server.CreateObject("ActiveFile.File")

File.Name = "E:\WebSites\Test\TEST.asp" 'replace this with any file
'Response.Write File.ACES
For Each ACE In File.ACEs
	Response.Write ACE.Permissions
	Response.Write "Name = " & ACE.TrusteeName & "&lt;BR&gt;"
Next

Set File = Nothing
%&gt;

The thing is that - yeah, NT would perform all the security functions itself and deny access here or there sending you to a standard "permission denied" error page, as defined within IIS. ... but I want to be able to capture these errors before they happen and not display the links that would result in the "permission denied" error page... which, it seems, I can do with ActiveFile...

Bard

"We do know it was we who scorched the sky..."

NT file permissions in ASP?

Comments